Security with LocalInitialContextFactory
----------------------------------------
Key: OPENEJB-716
URL: https://issues.apache.org/jira/browse/OPENEJB-716
Project: OpenEJB
Issue Type: Bug
Components: security
Reporter: Jarek Gawor
Fix For: (trunk/openejb3)
We ran into two issues with LocalInitialContextFactory:
1) It does not support security realms like RemotelInitialContextFactory does.
2) Because LocalInitialContextFactory caches the InitialContext (context
obtained from
org.apache.openejb.core.ivm.naming.InitContextFactory.getInitialContext()) the
security authentication is done only once per JVM instead of per access (or
instance of LocalInitialContextFactory). That means, that once a user uses
LocalInitialContextFactory to access some EJB without security, all other
subsequent users of LocalInitialContextFactory will not be able to access EJBs
with security.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
